The RSA Archer Policy Library includes a set of 19 best-practice policies developed by RSA Archer in cooperation with leading Fortune 1000 organizations and aligned with the International Organization for Standardization (ISO) and International Electro-Technical Commission's (IEC) 27001 codes of practices.

A Policy is a broad statement of principle that presents the management position for a defined area. These statements are long-term directives that guide the development of more specific rules to address particular situations. Policies are interpreted and supported by Standards and Procedures. Policies are relatively few in number, must be approved and supported by executive-level management, and must provide overall direction to the organization.

To make communication with your employees easy, RSA Archer designed these policies using a three-level structure. The purpose of this structure is to allow employees to quickly locate policies based on a high-level name, an area of focus, or a specific section. For example:

A Policy is the highest-level item in the Policy framework. Policies include high-level statements of management expectations regarding an issue (for example, 8.0 Access Control).

An Area is the second-highest level in the Policy framework. Areas include more specific language regarding the policy, describing the area of focus and the intent of the main level policy. Areas act as a categorical stepping stone to help users navigate to the Sections that they are looking for (for example, 8.1 User Enrollment and Authorization).

A Section is the third level of policy in the Policy framework. Sections provide an additional level of grouping (for example, 8.1.4 Password Management Systems).

The following list details each of the 20 policies available in the RSA Archer Policy Library:

Introduction

Security Management

Risk Management

Personnel Security

Physical Security

Operations Management

Security Monitoring and Response

Communications Management

Access Control

Network Security

Third-Party Services

Application Development

Business Continuity Management

Legal, Compliance and Regulatory

IT Management

IT Event, Incident and Problem Management

Privacy

Audit Management

Financial Services Management

Healthcare Services Management

Languages

The RSA Archer Policy Library is available in the following languages:

English

French

German

Italian

Japanese

Portuguese

Russian

Simplified Chinese

Spanish

Licensing Restrictions

The RSA Archer Policy Content Library is available with the use of the RSA Archer Policy Program Management and/or the RSA Archer IT Policy Program Management use cases. No additional license is required.

For Additional Support

To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case or contact RSA Archer at archersupport@rsa.com for more information.